From: Greg KH <greg@kroah.com>
To: Ben Hutchings <ben@decadent.org.uk>
Cc: Jiri Kosina <jkosina@suse.cz>,
James Bottomley <James.Bottomley@HansenPartnership.com>,
ksummit-2013-discuss@lists.linuxfoundation.org,
linux-kernel@vger.kernel.org, stable@vger.kernel.org
Subject: Re: [Ksummit-2013-discuss] KS Topic request: Handling the Stable kernel, let's dump the cc: stable tag
Date: Tue, 16 Jul 2013 21:24:31 -0700 [thread overview]
Message-ID: <20130717042431.GC20312@kroah.com> (raw)
In-Reply-To: <1374033238.2537.98.camel@deadeye.wl.decadent.org.uk>
On Wed, Jul 17, 2013 at 04:53:58AM +0100, Ben Hutchings wrote:
> On Tue, 2013-07-16 at 09:36 -0700, Greg KH wrote:
> > On Tue, Jul 16, 2013 at 11:11:24AM +0200, Jiri Kosina wrote:
> > > On Mon, 15 Jul 2013, Greg KH wrote:
> > >
> > > > > Anything that's being reviewed on the stable list is public. I know
> > > > > this is an old argument, but if you point out a fix you *know* has a
> > > > > security impact then you'll help general distribution maintainers and
> > > > > users a lot more than you help the black-hats who are quite capable of
> > > > > recognising such a fix (if they haven't already spotted and exploited
> > > > > the bug).
> > > >
> > > > I'm sorry, but you know I will not do that, so asking about it isn't
> > > > going to change this behavior.
> > >
> > > I just followed up in the other thread, where Ted was explaining why the
> > > huge /dev/random rework was a -stable material.
> > >
> > > Why specifically would it be wrong to be open about this being security
> > > related, and providing the necessary data (i.e. at least reference to
> > > http://factorable.net/) publically?
> > >
> > > I fail to see what the point behind hiding this would be.
> >
> > I'm not "hiding" anything, all I'm doing is using the exact same
> > changelog comments that are in Linus's tree, and nothing else.
>
> Right, and I wouldn't expect you to edit commit messages. But if a fix
> was privately proposed to you for stable on the grounds that the bug is
> found to be exploitable, maybe you could include that information in the
> cover message for the review.
Sorry, my position on that has not changed, I will not do that for the
obvious reasons discussed many times in the past.
greg k-h
next prev parent reply other threads:[~2013-07-17 4:26 UTC|newest]
Thread overview: 72+ messages / expand[flat|nested] mbox.gz Atom feed top
2013-07-15 19:27 KS Topic request: Handling the Stable kernel, let's dump the cc: stable tag James Bottomley
2013-07-15 19:45 ` [Ksummit-2013-discuss] " Steven Rostedt
2013-07-15 19:55 ` Willy Tarreau
2013-07-15 20:56 ` Steven Rostedt
2013-07-15 21:09 ` Joe Perches
2013-07-15 21:21 ` Steven Rostedt
2013-07-15 21:34 ` Joe Perches
2013-07-21 4:06 ` Rob Landley
2013-07-15 21:52 ` Willy Tarreau
2013-07-15 20:15 ` Mark Brown
2013-07-15 21:07 ` Steven Rostedt
2013-07-15 20:19 ` Guenter Roeck
2013-07-15 22:04 ` David Woodhouse
2013-07-15 22:07 ` Guenter Roeck
2013-07-15 22:38 ` H. Peter Anvin
2013-07-15 23:22 ` Guenter Roeck
2013-07-16 0:13 ` H. Peter Anvin
2013-07-16 0:21 ` Greg KH
2013-07-16 0:25 ` H. Peter Anvin
2013-07-16 15:50 ` Paul Gortmaker
2013-07-15 20:20 ` Jason Cooper
2013-07-15 21:44 ` Greg KH
2013-07-15 21:55 ` Greg KH
2013-07-15 22:01 ` H. Peter Anvin
2013-07-15 23:08 ` Greg KH
2013-07-16 0:40 ` [Ksummit-2013-discuss] " Rafael J. Wysocki
2013-07-16 9:06 ` Jiri Kosina
2013-07-15 22:01 ` Steven Rostedt
2013-07-16 0:06 ` Greg KH
2013-07-16 2:09 ` Steven Rostedt
2013-07-16 2:41 ` Ben Hutchings
2013-07-16 3:27 ` Dave Airlie
2013-07-16 3:43 ` Steven Rostedt
2013-07-16 4:10 ` Ben Hutchings
2013-07-16 6:23 ` Greg KH
2013-07-16 6:10 ` James Bottomley
2013-07-16 6:28 ` Greg KH
2013-07-15 22:22 ` Jiri Kosina
2013-07-15 23:40 ` Jiri Kosina
2013-07-15 23:59 ` Greg KH
2013-07-16 2:30 ` Ben Hutchings
2013-07-16 6:13 ` Greg KH
2013-07-16 9:11 ` Jiri Kosina
2013-07-16 16:36 ` Greg KH
2013-07-17 3:53 ` Ben Hutchings
2013-07-17 4:24 ` Greg KH [this message]
2013-07-16 5:17 ` James Bottomley
2013-07-16 6:20 ` Greg KH
2013-07-16 7:43 ` [Ksummit-2013-discuss] " James Bottomley
2013-07-16 9:46 ` Jiri Kosina
2013-07-16 9:46 ` Jiri Kosina
2013-07-16 12:43 ` Ben Hutchings
2013-07-16 16:35 ` Greg KH
2013-07-16 23:15 ` Jiri Kosina
2013-07-16 13:14 ` Josh Boyer
2013-07-17 15:08 ` John W. Linville
2013-07-18 7:45 ` Kalle Valo
2013-07-16 10:02 ` Jan Kara
2013-07-16 6:24 ` David Lang
2013-07-16 16:45 ` [Ksummit-2013-discuss] " Steven Rostedt
2013-07-16 2:00 ` Ben Hutchings
2013-07-16 9:53 ` Mark Brown
2013-07-21 4:11 ` Rob Landley
2013-07-21 15:09 ` [Ksummit-2013-discuss] " Ben Hutchings
2013-07-22 21:24 ` KOSAKI Motohiro
2013-07-23 2:29 ` Li Zefan
2013-07-23 2:29 ` Li Zefan
2013-07-23 2:40 ` Myklebust, Trond
2013-07-23 2:40 ` Myklebust, Trond
2013-07-23 2:47 ` James Bottomley
2013-07-23 2:57 ` Myklebust, Trond
2013-07-23 2:57 ` Myklebust, Trond
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20130717042431.GC20312@kroah.com \
--to=greg@kroah.com \
--cc=James.Bottomley@HansenPartnership.com \
--cc=ben@decadent.org.uk \
--cc=jkosina@suse.cz \
--cc=ksummit-2013-discuss@lists.linuxfoundation.org \
--cc=linux-kernel@vger.kernel.org \
--cc=stable@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.